From bad69e69e45a95933e7cd3a09b68c6642ab1dd18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 28 Nov 2024 19:14:53 +0100 Subject: [PATCH] Update docs --- docs/display-parameters.rst | 9 +++++++++ docs/index.rst | 1 + docs/presentation.rst | 4 +++- docs/updatestartendtime.rst | 39 +++++++++++++++++++++++++++++++++++++ docs/upgrade.rst | 26 +++++++++++++++++++------ 5 files changed, 72 insertions(+), 7 deletions(-) create mode 100644 docs/updatestartendtime.rst diff --git a/docs/display-parameters.rst b/docs/display-parameters.rst index d982f4f..1604752 100644 --- a/docs/display-parameters.rst +++ b/docs/display-parameters.rst @@ -54,3 +54,12 @@ You can disable the expire status panel: .. code-block:: php $show_expirestatus = false; + +Validity status +--------------- + +You can disable the validity status panel: + +.. code-block:: php + + $show_validitytatus = false; diff --git a/docs/index.rst b/docs/index.rst index a0bf276..1ba49f3 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -27,6 +27,7 @@ LDAP Tool Box Service Desk documentation resetpassword.rst lockaccount.rst enableaccount.rst + updatestartendtime.rst hook.rst dashboards.rst configuration-mail.rst diff --git a/docs/presentation.rst b/docs/presentation.rst index dbbc088..6151b05 100644 --- a/docs/presentation.rst +++ b/docs/presentation.rst @@ -17,10 +17,12 @@ Features * Test current password * Reset password and force password change at next connection * Lock and unlock account +* Update account validity dates * Create and view audit logs * Dashboards: * Accounts locked * Accounts with a password that will soon expire * Accounts with an expired password - * Accounts idle (never connected or not connected since a number of days) \ No newline at end of file + * Accounts idle (never connected or not connected since a number of days) + * Accounts invalid (for which start date is in the future, or end date is in the past) diff --git a/docs/updatestartendtime.rst b/docs/updatestartendtime.rst new file mode 100644 index 0000000..5f1c855 --- /dev/null +++ b/docs/updatestartendtime.rst @@ -0,0 +1,39 @@ +Update start and end validity dates +=================================== + +Some LDAP directories provide attributes to define start and end account validify dates. + +For OpenLDAP since 2.5 version, attributes are ``pwdStartTime`` and ``pwdEndTime``. + +For Active Directory, only end time is available, in ``accountExpires`` attribute. + +Show validity status +------------------- + +Service Desk will display if account is valid or not. To allow this feature: + +.. code-block:: php + + $show_validitystatus = true; + +Update start date +----------------- + +This feature allows to edit the account start validity date. This requires to have the `starttime` field defined in the attributes map. + +To enable this feature: + +.. code-block:: php + + $use_updatestarttime = true; + +Update end date +----------------- + +This feature allows to edit the account end validity date. This requires to have the `endtime` field defined in the attributes map. + +To enable this feature: + +.. code-block:: php + + $use_updateendtime = true; diff --git a/docs/upgrade.rst b/docs/upgrade.rst index e1f84c9..65fa2e6 100644 --- a/docs/upgrade.rst +++ b/docs/upgrade.rst @@ -4,7 +4,7 @@ Upgrade From 0.5 to 0.6 --------------- -bundled dependencies +Bundled dependencies ~~~~~~~~~~~~~~~~~~~~ The dependencies are now explicitly listed in the service-desk package, including the bundled ones. @@ -15,7 +15,7 @@ You can find bundled dependencies list: * in Provides field in rpm package -configuration +Configuration ~~~~~~~~~~~~~ The configuration files are now in ``/etc/service-desk`` directory. @@ -29,7 +29,7 @@ Please take in consideration that ``config.inc.php`` is now replaced systematica Avoid as much as possible editing the ``/etc/service-desk/config.inc.php`` file. Prefer modifying the ``/etc/service-desk/config.inc.local.php``. -password policy +Password policy ~~~~~~~~~~~~~~~ When you change the password for a user, you can now configure a local password policy for ensuring the password strength is sufficient. @@ -43,7 +43,7 @@ You can give a look to the :doc:`password policy documentation ` for mo The local password policy is now defined in a library: `ltb-common `_. -cache cleaning +Cache cleaning ~~~~~~~~~~~~~~ Now the cache is being cleaned-up during service-desk upgrade / install. @@ -51,7 +51,7 @@ Now the cache is being cleaned-up during service-desk upgrade / install. This is intended to avoid smarty problems due to service-desk templates upgrade, and possibly smarty upgrade itself. -dependencies update +Dependencies update ~~~~~~~~~~~~~~~~~~~ Removed packaged dependencies: @@ -117,7 +117,6 @@ Removed bundled dependencies: Note that hidden files (.gitignore,...) from bundled dependencies are now removed from packages. - Last authentication time and idle accounts ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -142,3 +141,18 @@ You can enable this feature by setting a non-zero value to the page size paramet .. code-block:: php $ldap_page_size = 100; + +Account validity +~~~~~~~~~~~~~~~~ + +Account validity feature is enabled by default. For OpenLDAP it relies on ``pwdStartTime`` and ``pwdEndTime`` attributes available since OpenLDAP 2.5. +For Active Directory, only the end time is available, in ``accountExpires`` attribute. + +You can disable this new feature if you don't want to use it: + +.. code-block:: php + + $show_validitystatus = false; + $use_updatestarttime = false; + $use_updateendtime = false; + $use_searchinvalid = false;